Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def setUp(self):
self.notice_info = Notice("info")
self.notice_warn = Notice("warning", "warning")
self.notice_errr = Notice("error", "error")
self.notice_hint = Notice("hint", "hint")
self.notices = [
self.notice_info,
self.notice_warn,
self.notice_errr,
self.notice_hint
]
self.notice_origin = NoticeOrigin('origin_str')
pkg_format = command_lib.check_pkg_format(binary)
os_guess = command_lib.check_os_guess(binary)
if get_os_release():
# We know with high degree of certainty what the OS is
image_layer.origins.add_notice_to_origins(origin_layer, Notice(
formats.os_release.format(os_style=get_os_release()), 'info'))
elif binary is None:
# No binary and no os-release means we have no idea about base OS
image_layer.origins.add_notice_to_origins(origin_layer, Notice(
errors.no_etc_release, 'warning'))
else:
# We make a guess about the OS based on pkg_format + binary
# First check that binary exists in base.yml
if not pkg_format or not os_guess:
image_layer.origins.add_notice_to_origins(
origin_command_lib, Notice(
errors.no_listing_for_base_key.format(listing_key=binary),
'warning'))
else:
# Assign image layer attributes and guess OS
image_layer.pkg_format = pkg_format
image_layer.os_guess = os_guess
image_layer.origins.add_notice_to_origins(origin_layer, Notice(
formats.os_style_guess.format(
package_manager=binary,
package_format=image_layer.pkg_format,
os_list=image_layer.os_guess), 'info'))
def add_notice(self, notice):
if isinstance(notice, Notice):
self.__notices.append(notice)
else:
raise TypeError('Object type is {0}, should be Notice'.format(
type(notice)))
def load_base_image():
'''Create base image from dockerfile instructions and return the image'''
base_image, dockerfile_lines = dhelper.get_dockerfile_base()
# try to get image metadata
if not container.check_image(base_image.repotag):
# if no base image is found, give a warning and continue
if not container.pull_image(base_image.repotag):
logger.warning("%s", errors.cannot_find_image.format(
imagetag=base_image.repotag))
try:
base_image.load_image()
except NameError as error:
logger.warning('Error in loading base image: %s', str(error))
base_image.origins.add_notice_to_origins(
dockerfile_lines, Notice(str(error), 'error'))
except subprocess.CalledProcessError as error:
logger.warning(
'Error in loading base image: %s', str(error.output, 'utf-8'))
base_image.origins.add_notice_to_origins(
dockerfile_lines, Notice(str(error.output, 'utf-8'), 'error'))
except IOError as error:
logger.warning('Error in loading base image: %s', str(error))
base_image.origins.add_notice_to_origin(
dockerfile_lines, Notice(str(error), 'error'))
return base_image
Notice messages indicating as such:
1. Create an image with a placeholder repotag
2. For each RUN command, create a package list
3. Create layer objects with incremental integers and add the package
list to that layer with a Notice about parsing
4. Return stub image'''
stub_image = Image('easteregg:cookie')
layer_count = 0
for inst in dhelper.docker_commands:
if inst[0] == 'RUN':
layer_count = layer_count + 1
layer = ImageLayer(layer_count)
install_commands, msg = common.filter_install_commands(inst[1])
if msg:
layer.origins.add_notice_to_origins(
inst[1], Notice(msg, 'info'))
pkg_names = []
for command in install_commands:
pkg_names.append(common.get_installed_package_names(command))
for pkg_name in pkg_names:
pkg = Package(pkg_name)
# shell parser does not parse version pins yet
# when that is enabled, Notices for no versions need to be
# added here
layer.add_package(pkg)
return stub_image
imagetag=base_image.repotag))
try:
base_image.load_image()
except NameError as error:
logger.warning('Error in loading base image: %s', str(error))
base_image.origins.add_notice_to_origins(
dockerfile_lines, Notice(str(error), 'error'))
except subprocess.CalledProcessError as error:
logger.warning(
'Error in loading base image: %s', str(error.output, 'utf-8'))
base_image.origins.add_notice_to_origins(
dockerfile_lines, Notice(str(error.output, 'utf-8'), 'error'))
except IOError as error:
logger.warning('Error in loading base image: %s', str(error))
base_image.origins.add_notice_to_origin(
dockerfile_lines, Notice(str(error), 'error'))
return base_image
def add_base_packages(image_layer, binary, shell):
'''Given the image layer, the binary to invoke and shell:
1. get the listing from the base.yml
2. Invoke any commands against the base layer
3. Make a list of packages and add them to the layer'''
origin_layer = 'Layer: ' + image_layer.fs_hash[:10]
if image_layer.created_by:
image_layer.origins.add_notice_to_origins(origin_layer, Notice(
formats.layer_created_by.format(created_by=image_layer.created_by),
'info'))
else:
image_layer.origins.add_notice_to_origins(origin_layer, Notice(
formats.no_created_by, 'warning'))
origin_command_lib = formats.invoking_base_commands
# find the binary
listing = command_lib.get_base_listing(binary)
if listing:
# put info notice about what is going to be invoked
snippet_msg = formats.invoke_for_base + '\n' + \
content.print_base_invoke(binary)
image_layer.origins.add_notice_to_origins(
origin_layer, Notice(snippet_msg, 'info'))
shell, _ = command_lib.get_image_shell(listing)
if not shell:
if base_image_tag[0] == 'scratch':
# there is no base image - return no image object
return None
# there should be some image object here
repotag = base_image_tag[0] + dockerfile.tag_separator + \
base_image_tag[1]
from_line = 'FROM ' + repotag
base_image = DockerImage(repotag)
base_image.origins.add_notice_origin(dockerfile_lines)
base_image.name = base_image_tag[0]
# check if there is a tag
if not base_image_tag[1]:
message_string = errors.dockerfile_no_tag.format(
dockerfile_line=from_line)
base_image.origins.add_notice_to_origins(
dockerfile_lines, Notice(message_string, 'warning'))
base_image.tag = 'latest'
else:
base_image.tag = base_image_tag[1]
# check if the tag is 'latest'
if base_image_tag[1] == 'latest':
message_string = errors.dockerfile_using_latest.format(
dockerfile_line=from_line)
base_image.origins.add_notice_to_origins(
dockerfile_lines, Notice(message_string, 'warning'))
return base_image, dockerfile_lines
except ValueError as e:
logger.warning("%s", errors.cannot_parse_base_image.format(
dockerfile=dockerfile_global, error_msg=e))
return None
base_image.name = base_image_tag[0]
# check if there is a tag
if not base_image_tag[1]:
message_string = errors.dockerfile_no_tag.format(
dockerfile_line=from_line)
base_image.origins.add_notice_to_origins(
dockerfile_lines, Notice(message_string, 'warning'))
base_image.tag = 'latest'
else:
base_image.tag = base_image_tag[1]
# check if the tag is 'latest'
if base_image_tag[1] == 'latest':
message_string = errors.dockerfile_using_latest.format(
dockerfile_line=from_line)
base_image.origins.add_notice_to_origins(
dockerfile_lines, Notice(message_string, 'warning'))
return base_image, dockerfile_lines
except ValueError as e:
logger.warning("%s", errors.cannot_parse_base_image.format(
dockerfile=dockerfile_global, error_msg=e))
return None
Notice messages indicating as such:
1. Create an image with a placeholder repotag
2. For each RUN command, create a package list
3. Create layer objects with incremental integers and add the package
list to that layer with a Notice about parsing
4. Return stub image'''
stub_image = Image('easteregg:cookie')
layer_count = 0
for inst in dhelper.docker_commands:
if inst[0] == 'RUN':
layer_count = layer_count + 1
layer = ImageLayer(layer_count)
install_commands, msg = common.filter_install_commands(inst[1])
if msg:
layer.origins.add_notice_to_origins(
inst[1], Notice(msg, 'info'))
pkg_names = []
for command in install_commands:
pkg_names.append(common.get_installed_package_names(command))
for pkg_name in pkg_names:
pkg = Package(pkg_name)
# shell parser does not parse version pins yet
# when that is enabled, Notices for no versions need to be
# added here
layer.add_package(pkg)
return stub_image